package gateway.plugins.auth;

import gateway.plugins.Plugin;
import org.springframework.util.StringUtils;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Arrays;

public class AuthorizePlugin implements Plugin {
    @Override
    public HandlerInterceptor getInterceptor() {
        return new HandlerInterceptor(){
            @Override
            public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
                if (!(handler instanceof HandlerMethod)) {
                    return true;
                }
                HandlerMethod handlerMethod = (HandlerMethod) handler;
                Authorize authorize = handlerMethod.getMethod().getAnnotation(Authorize.class);
                if (authorize == null) {
                    return true; // no need to authorize
                }
                String[] allowedHeaders = authorize.value();
                //从header里获取请求权限，如果header里没有就校验失败
                String authzHeader = request.getHeader(AuthConstant.AUTHORIZATION_HEADER);
                if (StringUtils.isEmpty(authzHeader)) {
                    throw new RuntimeException(AuthConstant.ERROR_MSG_MISSING_AUTH_HEADER);
                }
                if (!Arrays.asList(allowedHeaders).contains(authzHeader)) {
                    throw new RuntimeException(AuthConstant.ERROR_MSG_DO_NOT_HAVE_ACCESS);
                }
                return true;
            }
        };
    }
    @Override
    public int getOrder() {
        return 1;
    }
}
